// SELECT permissions ONLY. We try to ensure that this web interface can't be
// used maliciously but the more safeguards you can take, the better.
// This interface does not yet support sqlite databases.
// ------------------------------------------
// USER AUTHENTICATION
// ------------------------------------------
// This is a basic method for requiring user authentication
// before being allowed to access the interface.
// You can add as many users as you wish by following the instructions
// below.
// Change this to "true" if you want to require authentication
define("REQUIRE_AUTH", true);
$auth = new Auth();
// Define usernames and passwords below, in the format of
// $auth->addUser( "username", "password" );
$auth->addUser("admin", "prism");
// ------------------------------------------
// OVERRIDE THE AUTHENTICATION
// ------------------------------------------
// It's very easy to write a custom class to authenticate
// users using your own system
// Simple review the example-auth/CustomAuth.php file for
// directions, and then be sure to include your custom
// file here:
include 'custom/CustomAuth.php';
// ------------------------------------------
// QUARTZCRAFT ADDITIONS
// ------------------------------------------
define("QC_HOSTNAME", "127.0.0.1");
define("QC_USERNAME", "root");
define("QC_PASSWORD", "database1");
function createUser(&$userattr)
{
global $gBitDb;
// set additional attributes here
if (empty($userattr["email"])) {
$userattr["email"] = $gBitDb->getOne("select `email` from `" . BIT_DB_PREFIX . "users_users` where `login`=?", array($userattr["login"]));
}
// set the Auth options
$a = new Auth("LDAP", $this->mConfig);
// check if the login correct
if ($a->addUser($userattr["login"], $userattr["password"], $userattr) === true) {
return true;
} else {
// otherwise use the error status given back
$this->mErrors['create'] = $a->getStatus();
return false;
}
}
function create_user_ldap($user, $pass)
{
// todo: kein pear::auth mehr! alles in pead::ldap2 abbilden
global $tikilib, $prefs;
$options = array();
$options['url'] = $prefs['auth_ldap_url'];
$options['host'] = $prefs['auth_ldap_host'];
$options['port'] = $prefs['auth_ldap_port'];
$options['scope'] = $prefs['auth_ldap_scope'];
$options['basedn'] = $prefs['auth_ldap_basedn'];
$options['userdn'] = $prefs['auth_ldap_userdn'];
$options['userattr'] = $prefs['auth_ldap_userattr'];
$options['useroc'] = $prefs['auth_ldap_useroc'];
$options['groupdn'] = $prefs['auth_ldap_groupdn'];
$options['groupattr'] = $prefs['auth_ldap_groupattr'];
$options['groupoc'] = $prefs['auth_ldap_groupoc'];
$options['memberattr'] = $prefs['auth_ldap_memberattr'];
$options['memberisdn'] = ($prefs['auth_ldap_memberisdn'] == 'y');
$options['binduser'] = $prefs['auth_ldap_adminuser'];
$options['bindpw'] = $prefs['auth_ldap_adminpass'];
// set additional attributes here
$userattr = array();
$userattr['email'] = ( $prefs['login_is_email'] == 'y' )
? $user
: $this->getOne('select `email` from `users_users` where `login`=?', array($user));
// set the Auth options
require_once('pear/Auth.php');
$a = new Auth('LDAP', $options);
// check if the login correct
if ($a->addUser($user, $pass, $userattr) === true)
$status = USER_VALID;
// otherwise use the error status given back
else
$status = $a->getStatus();
return $status;
}
/**
* Create user
* @return void
*/
public function actionRegister()
{
// if user is logged in, redirect to main page
if ($this->checkLogin()) {
$this->redirect('admin');
}
$form = new Forms('create');
$form->successMessage = 'Account succesfully created.';
$form->errorMessage = 'Error while creating account. Try it later.';
$form->addInput('text', 'name', 'Full name', true);
$form->addInput('email', 'email', 'E-mail', true);
$form->addInput('password', 'password', 'Password', true);
$form->addSubmit('create', 'Create account');
if ($form->isValid()) {
$formValues = $form->values();
$userCheck = $this->db->user()->where('email', $formValues['email'])->count('id');
if ($userCheck > 0) {
$form->addMessage('warning', 'User with e-mail ' . $formValues['email'] . ' exists. LogIn or type other e-mail.');
} else {
$auth = new Auth($this->db);
if ($auth->addUser($formValues['email'], $formValues['password'], $formValues['name'])) {
$auth->checkUser($formValues['email'], $formValues['password']);
$this->redirect('admin');
} else {
$form->error();
}
}
}
$data['registerForm'] = $form->formHtml();
$this->renderTemplate('admin/register', $data);
}
/** Create a new user */
public function new_user() {
global $dsn;
$options = array (
'dsn' => $dsn
);
$auth = new Auth( "DB", $options, "_displayLogin" );
$username = $_REQUEST["username"];
$password = $_REQUEST["password"];
# to be implemented
# if ($username="") {
# $this->view->provideUsername();
# $this->view->footer();
# exit;
# }
$success = $auth->addUser( $username, $password );
if ( $success === true ) {
$this->auth->setAuth( $username );
$this->model->setUserLanguage( $username, $_REQUEST["userLanguage"] );
$this->setLanguage();
$this->view->header( true );
$this->view->userAdded( $username );
$this->view->footer();
exit;
} else {
$this->view->header( false );
$this->view->failed_new_user();
$this->view->footer();
exit;
}
}
/**
* Creates a new user in the LDAP directory
*
* @param user: username
* @param pass: password
*/
function create_user_ldap($user, $pass)
{
// todo: no more pear::auth! all in pear::ldap2
global $prefs;
$tikilib = TikiLib::lib('tiki');
$options = array();
$options['url'] = $prefs['auth_ldap_url'];
$options['host'] = $prefs['auth_ldap_host'];
$options['port'] = $prefs['auth_ldap_port'];
$options['scope'] = $prefs['auth_ldap_scope'];
$options['basedn'] = $prefs['auth_ldap_basedn'];
$options['userdn'] = $prefs['auth_ldap_userdn'];
$options['userattr'] = $prefs['auth_ldap_userattr'];
$options['useroc'] = $prefs['auth_ldap_useroc'];
$options['groupdn'] = $prefs['auth_ldap_groupdn'];
$options['groupattr'] = $prefs['auth_ldap_groupattr'];
$options['groupoc'] = $prefs['auth_ldap_groupoc'];
$options['memberattr'] = $prefs['auth_ldap_memberattr'];
$options['memberisdn'] = $prefs['auth_ldap_memberisdn'] == 'y';
$options['binduser'] = $prefs['auth_ldap_adminuser'];
$options['bindpw'] = $prefs['auth_ldap_adminpass'];
// set additional attributes here
$userattr = array();
$userattr['email'] = $prefs['login_is_email'] == 'y' ? $user : $this->getOne('select `email` from `users_users` where `login`=?', array($user));
// set the Auth options
$a = new Auth('LDAP', $options);
// check if the login correct
if ($a->addUser($user, $pass, $userattr) === true) {
$status = USER_VALID;
} else {
$status = $a->getStatus();
}
return $status;
}
$_SESSION["message"] = 'login failed';
header("Location: http://app1-rhroyston.rhcloud.com/access");
die;
}
function registeredCallback($username, $a)
{
//echo 'registered callback called';
header("Location: http://app1-rhroyston.rhcloud.com/access");
die;
}
//---- REGISTER
if ($_POST['register']) {
$a->setLoginCallback('registeredCallback');
$activation = md5(uniqid(rand(), true));
// can add field testing here
if ($a->addUser($_POST['username'], $_POST['password'], array('firstname' => $_POST['firstname'], 'lastname' => $_POST['lastname'], 'street' => $_POST['street'], 'city' => $_POST['city'], 'state' => $_POST['state'], 'zip' => $_POST['zip'], 'birthday' => $_POST['birthday'], 'phone' => $_POST['phone'], 'activation' => $activation))) {
registeredCallback();
} else {
//err here
}
} else {
// normal login
$a->setLoginCallback('loginCallback');
$a->setFailedLoginCallback('failedLoginCallback');
$a->start();
}
if ($a->getAuth()) {
}
include 'includes/head.php';
?>
<html lang="en">
function create_user_auth($user, $pass)
{
global $tikilib, $sender_email;
$options = array();
$options["url"] = $tikilib->get_preference("auth_ldap_url", "");
$options["host"] = $tikilib->get_preference("auth_ldap_host", "localhost");
$options["port"] = $tikilib->get_preference("auth_ldap_port", "389");
$options["scope"] = $tikilib->get_preference("auth_ldap_scope", "sub");
$options["basedn"] = $tikilib->get_preference("auth_ldap_basedn", "");
$options["userdn"] = $tikilib->get_preference("auth_ldap_userdn", "");
$options["userattr"] = $tikilib->get_preference("auth_ldap_userattr", "uid");
$options["useroc"] = $tikilib->get_preference("auth_ldap_useroc", "posixAccount");
$options["groupdn"] = $tikilib->get_preference("auth_ldap_groupdn", "");
$options["groupattr"] = $tikilib->get_preference("auth_ldap_groupattr", "cn");
$options["groupoc"] = $tikilib->get_preference("auth_ldap_groupoc", "groupOfUniqueNames");
$options["memberattr"] = $tikilib->get_preference("auth_ldap_memberattr", "uniqueMember");
$options["memberisdn"] = $tikilib->get_preference("auth_ldap_memberisdn", "y") == "y";
$options["adminuser"] = $tikilib->get_preference("auth_ldap_adminuser", "");
$options["adminpass"] = $tikilib->get_preference("auth_ldap_adminpass", "");
// set additional attributes here
$userattr = array();
$userattr["email"] = $this->getOne("select `email` from `users_users`\n\t\t\twhere `login`=?", array($user));
// set the Auth options
$a = new Auth("LDAP", $options);
// check if the login correct
if ($a->addUser($user, $pass, $userattr) === true) {
$status = USER_VALID;
} else {
$status = $a->getStatus();
}
return $status;
}
/**
* Test adding a user
*
* @test
*/
public function testAddUser()
{
\Auth::addUser('qwerty', 'Password123', '*****@*****.**');
$output = \Auth::UserExists(3);
$this->assertTrue($output);
}
<?php
if (isset($_POST['submit-registration'])) {
$auth = new Auth($db);
$error = $auth->addUser($_POST['username'], $_POST['password1'], $_POST['password2']);
if ($error) {
header('Location: ./', true, 302);
die;
}
}
?>
<div class="row">
<h2>Register</h2>
</div>
<?php
if (!$error) {
?>
<div class="row">
<div class="col-sm-1"></div>
<div class="col-sm-10">
<div class="alert alert-danger" role="alert">
<span class="glyphicon glyphicon-exclamation-sign" aria-hidden="true"></span>
<span class="sr-only">Error:</span>
Something happened! :'(
</div>
</div>
<div class="col-sm-1"></div>
</div>
<?php
}
?>
